×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

Senior CIAM Architect

Job in New York, New York County, New York, 10261, USA
Listing for: Qode
Full Time position
Listed on 2026-06-22
Job specializations:
  • Security
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 150000 - 180000 USD Yearly USD 150000.00 180000.00 YEAR
Job Description & How to Apply Below
Location: New York

Senior CIAM Architect (15+ Years)

We are seeking a highly experienced Senior CIAM Architect with deep expertise in Ping Identity technologies to lead the design, engineering, integration, and support of enterprise‑scale customer identity and access management platforms. This role requires strong hands‑on experience across federation, authentication, directory services, security, PKI, infrastructure, and automation, with the ability to drive architecture decisions and resolve complex production issues in high‑scale environments.

Role

Summary Mandatory Experience
  • 15+ years in IAM/CIAM domain
  • 8+ years working with Ping Identity products
  • Strong hands‑on experience with:
  • Ping Federate
  • Ping Directory
  • Ping Access
  • Ping One
  • Experience supporting enterprise‑scale customer authentication platforms (10M+ users preferred) With Banking customer would be an added advantage.
Key Responsibilities
  • Lead the architecture, design, implementation, and support of enterprise CIAM solutions using Ping Identity products.
  • Own end‑to‑end solution design for customer authentication, federation, authorization, and directory integration use cases.
  • Design scalable and secure authentication platforms capable of supporting large user populations and high transaction volumes.
  • Implement and optimize SSO, MFA, OAuth, OIDC, and federation flows for enterprise and customer‑facing applications.
  • Drive integration with downstream applications, identity providers, APIs, directories, and security infrastructure.
  • Lead production issue resolution for complex authentication, federation, token, certificate, and directory‑related problems.
  • Collaborate with infrastructure, network, security, application, and Dev Ops teams to ensure resilient and secure identity services.
  • Define engineering standards, deployment patterns, operational runbooks, and best practices for CIAM platform support.
  • Provide technical leadership to engineering teams, review solution designs, and mentor junior team members.
  • Support modernization initiatives including cloud adoption, automation, and observability for identity platforms.
Technical Skills Federation & Authentication
  • SAML 2.0
  • OAuth 2.0
  • OpenID Connect (OIDC)
  • JWT/JWS/JWE
Ping Federate Expertise
  • End‑to‑end Ping Federate administration
  • SSO Integration
  • Token exchange
  • Authentication Policies
  • Selectors and Adapters
  • OAuth/OIDC troubleshooting
  • Federation onboarding
Ping Directory Expertise Cloud Skills
  • Amazon Web Services (AWS)
Infrastructure
  • Linux administration
  • Networking fundamentals
  • DNS
  • Load balancers
  • Reverse proxies
  • Firewall concepts
Security & PKI Expertise (Very Important)

Candidate must have hands‑on experience with:

  • SSL/TLS certificate installation
  • Certificate renewal process
  • Keystore management
  • Trust store management
  • JKS/PKCS
    12 handling
  • CSR generation
  • Root and Intermediate CA chains
  • Mutual TLS (mTLS)
Dev Ops & Automation
  • CI/CD pipelines
  • Git
  • Jenkins
  • Terraform
  • Monitoring and observability
Troubleshooting Capability

Candidate should be able to independently troubleshoot:

  • Federation failures
  • OAuth failures
  • Token validation issues
  • LDAP connectivity issues
  • Replication failures
  • Certificate chain issues
  • Load balancer routing issues
  • Authentication latency problems
  • Production incidents
Required Qualifications
  • 15+ years of experience in Identity and Access Management (IAM) / Customer Identity and Access Management (CIAM).
  • 8+ years of strong hands‑on experience with Ping Identity product suite, especially Ping Federate, Ping Directory, Ping Access, and Ping One.
  • Proven experience designing and supporting enterprise‑scale customer authentication platforms; experience with 10M+ user environments is strongly preferred.
  • Strong expertise in authentication and federation standards including SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), and JWT technologies.
  • Deep hands‑on expertise in Ping Federate administration, SSO integrations, token exchange, authentication policies, selectors, adapters, and OAuth/OIDC troubleshooting.
  • Experience with Ping Directory administration, LDAP integrations, directory operations, replication, performance tuning, and troubleshooting.
  • Good understanding of Ping Access for application access control, policy enforcement, and secure application integration.
  • Strong hands‑on…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary